[Sks-devel] Re: zero-length MPIs (was: Re: mpi error with
check-trustdb in 1.4.2 - resolved)
Klaus Singvogel
kssingvo at suse.de
Wed Aug 24 15:07:17 CEST 2005
Hi.
Jason Harris wrote:
> On Thu, Aug 11, 2005 at 09:54:59PM +0200, Peter Palfrader wrote:
> > On Thu, 11 Aug 2005, Jason Harris wrote:
>
> > > Fetching them from keyserver.kjsl.com is now possible with gnupg-1.4.2.
> > > To patch pks, add this to the middle of decode_mpi() (in pgputil.c):
> > >
> > > /* skip packets with 0-length MPIs for GPG's benefit (gnupg-1.4.2) */
> > > if (mpi->nbits == 0) {
> > > return (0);
> > > }
> >
> > can we do that in SKS too? please!
>
> Try the patch below. 0x1A9537E7 is another offending key, and all eight
> work now:
>
[...]
I don't see those files in my copy of gnupg-1.4.2. where your patch
applies. Therefore I looked myself closer at the code, as this problem
araises unter "gpg --trustdb" at some of our users.
I noticed that these messages are coming from
mpi/mpicoder.c:mpi_read() and had a closer look at it. :-)
The second if check, for "goto overflow;" seems a bit doubtful (maybe
a copy&paste without to much thinking whats coming next ? :-) As
there are no mandatory reads from the iobuf coming, only optional
reads, I changed the code to "if (++nread > nmax)" and the problem
was gone (see attached patch).
Please confirm me, that my thinking is correct here.
Thanks in advance.
Regards,
Klaus.
--
Klaus Singvogel
SUSE LINUX Products GmbH
Maxfeldstr. 5 E-Mail: Klaus.Singvogel at SuSE.de
90409 Nuernberg Phone: +49 (0) 911 740530
Germany GnuPG-Key-ID: 1024R/5068792D 1994-06-27
-------------- next part --------------
--- gnupg-1.4.2/mpi/mpicoder.c.orig 2005-05-31 08:30:05.000000000 +0200
+++ gnupg-1.4.2/mpi/mpicoder.c 2005-08-24 14:51:07.000000000 +0200
@@ -87,7 +87,7 @@
nbits = c << 8;
if( (c = iobuf_get(inp)) == -1 )
goto leave;
- if (++nread >= nmax)
+ if (++nread > nmax)
goto overflow;
nbits |= c;
if( nbits > MAX_EXTERN_MPI_BITS ) {
More information about the Gnupg-devel
mailing list